ietf-822
[Top] [All Lists]

Re: Dreaming about replacements (was IDN (was Did anyonetellMicrosoftye

2002-05-05 10:45:51

Header signatures and encryption can be accomplished by using
nested messages.

Completely impractical.

Funny, I use this capability on a daily basis as part of an internal
setup at Sun.

I'd like to see one of these messages, please. I'm particularly interested
to see how it handles the Subject header field in such a way as to protect
the message's privacy while at the same time functioning to serve
Subject-based threading.

In the particular case I mentioned the messages my MUA sees are entirely
normal. They are packaged up as part of the submission process and unpackaged
as part of the delivery process. The result is that threading works perfectly. 

A more interesting question is how to merge Received: field information in
such a setup.

But more generally, if a desire for increased security warrants pushing
encryption further towards the user, a tension necessarily develops between the
need to keep things hidden and the need to expose things for indexing and other
similar activities not directly associated with the handling of a message in
isolation. Unfortunately, this tension is fundamental and chosing different
syntaxes for things doesn't change it significantly.

There are many tradeoffs involved with using packaging techniques, especially
signed or encrypted packages. Virus scanning signed or encrypted packages is
problematic, for instance. There are plenty of other issues as well.

                                Ned

<Prev in Thread] Current Thread [Next in Thread>